CVE-2025-14274

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...

CVE-2025-5319

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection. This issue affects DIGITA Efficiency Management System: through...

CVE-2025-14274

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...

CVE-2025-14274 Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...

CVE-2025-14274

The CVE-2025-14274 affects the WordPress plugin Unlimited Elements for Elementor. A Stored Cross-Site Scripting (XSS) flaw exists in the Border Hero widget’s Button Link field due to insufficient input sanitization and output escaping, vulnerable in versions up to 2.0.1. An authenticated attacker...

EUVD-2025-206742

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...

CVE-2025-14274 Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...

CVE-2025-14274

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button Link field in versions up to 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied URLs. This makes it possible for...

PT-2026-5773

Name of the Vulnerable Software and Affected Versions Unlimited Elements for Elementor plugin versions up to 2.0.1 Description The Unlimited Elements for Elementor plugin for WordPress has a Stored Cross-Site Scripting issue. This is caused by inadequate input sanitization and output escaping of...

WordPress plugin Unlimited Elements for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress Unlimited Elements for Elementor plugin <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Border Hero Widget vulnerability discovered by zer0gh0st in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 2.0.1...

WordPress Elementor Addon Elements plugin <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Dual Button Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Dual Button Widget vulnerability discovered by RandomRoot in WordPress Plugin Elementor Addon Elements versions = 1.12.12...

WordPress Elementor Addon Elements plugin <= 1.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions = 1.13.2...

WordPress Elementor Addon Elements plugin <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Twitter Widget vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions = 1.13.3...

WordPress Elementor Addon Elements plugin <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions = 1.13.5...

WordPress Elementor Addon Elements plugin <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id and eaeslideranimation Parameters vulnerability discovered by stealthcopter in WordPress Plugin Elementor Addon Elements versions = 1.13.5...

WordPress Elementor Addon Elements plugin <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Elementor Addon Elements versions = 1.13.6...

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'email' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'email' vulnerability discovered by shaman0x01 - Shaman Red Team in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.112...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities can lead to instant denial-of-service attacks when processing receive frames that contain excessive authentication information elements...

AKCE SKSPro SQL注入漏洞

AKCE SKSPro is a medical quality management system developed by the Turkish company AKCE. Versions of AKCE SKSPro prior to 07012026 contained an SQL injection vulnerability. This vulnerability stemmed from improper handling of special elements used in SQL commands, which could lead to SQL...